Setup a proxy server with Raspberry PI, Raspberry PI OS Lite and Squid
Last updated on September 15th, 2020
What Are Proxy Servers And Why Use Them
Following Wikipedia description, “a proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server and the proxy server evaluates the request as a way to simplify and control its complexity“. A descriptive picture is also showed in the same page:
Squid is the most popular open source package to create a proxy in your self hosted linux server to reduce home network traffic and improve response time. It can be also used in chain with Privoxy to add network security.
Proxy server are useful in many contexts:
- in Office context: to control internet traffic by blocking some websites or some keywords, to manage contact with external internet from a single point or to optimize internet bandwidth usage by caching pages at proxy level
- in Home context: for example to control family internet access to block dangerous websites for childrens
- in Personal use context: for example to use an anonymous connection or to bypass network ISP blocks
Once setup, proxy server can be configured in client machines both at web browser level (so that only the browser will use proxy) or at system level (in this case, all browsers and terminal commands will use proxy).
In this tutorial we are going to setup a proxy server with Raspberry Pi Zero W, but this procedure applies also to newer Raspberry Pi models.
What We Need
As usual, I suggest adding from now to your favourite e-commerce shopping cart all the needed hardware, so that at the end you will be able to evaluate overall costs and decide if continue with the project or remove them from the shopping cart. So, hardware will be only:
- Raspberry Pi Zero W (including proper power supply or using a smartphone micro usb charger with at least 3A)
- micro SD card (at least 16 GB, at least class 10)
Check hardware prices with following links:
Following picture summarizes the procedure:
In this guide we are going to use default Raspberry PI OS Lite as OS. Then we’ll install Squid (the most popular open source Proxy) and configure it.
I’ll configure Squid to manage access for all clients on a 192.168.1.0/24 private network to internet. You will need to modify this network depending on your needs and networking configurations.
Install OS And Squid
First thing, start from a fresh Raspberry PI OS Lite installation.
Make sure you OS is updated. From command line:
sudo apt update sudo apt upgrade
Simply install Squid by using Raspberry PI OS repository with following command:
sudo apt install squid
At installation end, check that squid service is active:
sudo systemctl status squid.service
and you should see the following:
● squid.service – Squid Web Proxy Server
Loaded: loaded (/lib/systemd/system/squid.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2019-09-29 11:46:06 BST; 1min 39s ago
Main PID: 5481 (squid)
├─5481 /usr/sbin/squid -sYC
├─5483 (squid-1) –kid squid-1 -sYC
├─5486 (logfile-daemon) /var/log/squid/access.log
Squid file and locations you should be aware of are:
- Squid configuration file: /etc/squid/squid.conf
- Squid Access log: /var/log/squid/access.log
- Squid Cache log: /var/log/squid/cache.log
Edit config file, creating a copy:
sudo mv /etc/squid/squid.conf /etc/squid/squid.conf.backup sudo nano /etc/squid/squid.conf
in this file I’ll leave the default port used from clients to use proxy. If you want to change it, identify and edit the following line:
to restrict networks allowed to use squid proxy, I will comment all lines starting with “acl localnet src” just by adding an ashtag (#) at the start of line. I’m going to allow my network by typing the following configuration line:
acl localnet src 192.168.1.0/24
Finally identify default rule which is blocking http access:
http_access deny all
and change it to:
http_access allow all
to start using your Squid proxy server.
Close and save the file. Restart Squid service:
sudo systemctl restart squid.service
Configure Your Client To Use Proxy Server
Now you need to configure you client to use proxy server for internet connections. You have to check this depending on your client OS. For example, on Windows clients you should go on Settings -> Network & Internet -> Proxy. Move On “Use a proxy server” switch and insert your Raspberry PI IP address in address field and 3128 in port field.
Close and open again your browser. Now you are using your Squid proxy.
For more info and advanced settings, please refer to Squid official documentation.
We are sorry that this post was not useful for you!
Let us improve this post!
Tell us how we can improve this post?
4 thoughts on “Setup a proxy server with Raspberry PI, Raspberry PI OS Lite and Squid”
Thanks for the guide for Squid on to the Rpi, I have installed it on my rpi4,
Do you have a guide for turning the Squid cache into transparent cache.
from my searches with google, it appears that transparent mode can be enbled just by setting “http_port 3128 transparent” in your squid.conf
How does one set a Password for the http Proxy?
A good tutorial on adding authentication is available from https://gist.github.com/jackblk/fdac4c744ddf2a0533278a38888f3caf.
Still not tried, but I will in near future. Please let me know if it works